> I don't think it would be useful to limit this at an arbitrary point,
iteration
> count can be set per password and if someone wants a specific password to
be
> super-hard to brute force then why should we limit that?
I agree with that. Maybe some users do want a super-hard password.
RFC 7677 and RFC 5802 don't specify the maximum number of iterations.
> If we want to add CHECK_FOR_INTERRUPTS inside the loop I think a brief
> comment would be appropriate.
This has been completed in patch v2 and it's ready for review.
Regards
Bowen Shi
From 89c4de0a814d5343c54d9e8501986892fbb4b33e Mon Sep 17 00:00:00 2001
From: bovenshi <bovenshi@tencent.com>
Date: Wed, 22 Nov 2023 19:30:56 +0800
Subject: [PATCH] Add CHECK_FOR_INTERRUPTS in scram_SaltedPassword loop.
When the scram_iterations value is set too large, the backend would hang for
a long time. Add CHECK_FOR_INTERRUPTS within the loop of scram_SaltedPassword
to handle any signals received during this period.
---
src/common/scram-common.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/common/scram-common.c b/src/common/scram-common.c
index ef997ef..bdf40e8 100644
--- a/src/common/scram-common.c
+++ b/src/common/scram-common.c
@@ -15,6 +15,7 @@
*/
#ifndef FRONTEND
#include "postgres.h"
+#include "miscadmin.h"
#else
#include "postgres_fe.h"
#endif
@@ -73,6 +74,13 @@ scram_SaltedPassword(const char *password,
/* Subsequent iterations */
for (i = 2; i <= iterations; i++)
{
+ /*
+ * Allow it to be interrupted is necesssary when scram_iterations
+ * is set to a large value. However, this only works in the backend.
+ */
+#ifndef FRONTEND
+ CHECK_FOR_INTERRUPTS();
+#endif
if (pg_hmac_init(hmac_ctx, (uint8 *) password, password_len) < 0 ||
pg_hmac_update(hmac_ctx, (uint8 *) Ui_prev, key_length) < 0 ||
pg_hmac_final(hmac_ctx, Ui, key_length) < 0)
--
2.9.3
